DSA-2141-1 changed the behaviour of the openssl libraries in a server environment to only allow SSL/TLS renegotiation for clients that support the RFC5746 renegotiation extension. This update to apache2 adds the new SSLInsecureRenegotiation configuration option, which allows support for insecure clients to be restored. More information can be found in the file /usr/share/doc/apache2.2-common/NEWS.Debian.gz .

For the stable distribution (lenny), the compatibility option has been included in version 2.2.9-10+lenny9.

In addition, apache2-mpm-itk has been rebuilt to work with the updated apache2 packages. The new version number is 2.2.6-02-1+lenny4.

For the unstable distribution (sid), and the testing distribution (squeeze), the compatibility option has been included since version 2.2.15-1.

We recommend that you upgrade your apache2 and apache2-mpm-itk packages.
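
As an added example (not part of the advisory or of the Debian packages), the following audit reports every place where SSLInsecureRenegotiation has been switched on, so that the exception stays limited to the virtual hosts that still serve clients without RFC5746 support. The sample configuration, its host names and the function name are constructed for illustration.

```python
import re

# Constructed sample configuration (not taken from the advisory).
SAMPLE_CONF = """\
<VirtualHost *:443>
    ServerName modern.example.org
    SSLInsecureRenegotiation off
</VirtualHost>
<VirtualHost *:443>
    ServerName legacy.example.org
    # SSLInsecureRenegotiation off
    <Location /certauth>
        SSLVerifyClient require
    </Location>
    sslinsecurerenegotiation On
</VirtualHost>
"""

SECTION_OPEN = re.compile(r"<\s*([A-Za-z]+)\s*([^>]*)>")
SECTION_CLOSE = re.compile(r"</\s*([A-Za-z]+)\s*>")
DIRECTIVE = re.compile(r"SSLInsecureRenegotiation\s+(\S+)", re.IGNORECASE)


def find_insecure_renegotiation(conf_text):
    """Return (line_no, enclosing_section, value) wherever the directive is
    switched on. Names and on/off are matched case-insensitively, as Apache
    does; comment lines are skipped."""
    findings, stack = [], []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if SECTION_CLOSE.match(line):
            if stack:
                stack.pop()
            continue
        opened = SECTION_OPEN.match(line)
        if opened:
            stack.append(" ".join(opened.groups()).strip())
            continue
        hit = DIRECTIVE.match(line)
        if hit and hit.group(1).lower() == "on":
            findings.append((line_no, stack[-1] if stack else "global", hit.group(1)))
    return findings


if __name__ == "__main__":
    for line_no, section, value in find_insecure_renegotiation(SAMPLE_CONF):
        print(f"line {line_no}: SSLInsecureRenegotiation {value} in <{section}>")
```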

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/